13 June 2012
Communications Privacy Folly
Communications Spying Solicitation June 12, 2012
Lisa Brownlee writes:
I would greatly appreciate your comment on this:
NINTH PRELIMINARY DRAFT FOR ANY/ALL DISTRIBUTION/PUBLIC POSTING
National Human Rights Commission Mexico (CNDH)
Copies Federales, Telmex, others
LISA M. BROWNLEE, ESQ.
25 April 2012
Re: Mexico law revisions Warrantless Real-time Cell phone Geolocation
Data Surveillance Parliamentary Gazette Volume X, Number 3455-II,
Tuesday, February 21, 2012 (hereinafter LeyGeolocalización
MX) This memo sets forth my opinion on LeyGeolocalización MX,
as experienced privacy, technology/digital rights legal scholar and practitioner,
expatriate resident Mexico. My credentials are provided here. I will be
publishing my conclusions in an article to be published next week by Bureau
of National Affairs (BNA) E-Commerce Law Report, which will receive international
distribution and, we anticipate, press coverage. A press conference to present
my findings will be held in coordination with the weekly press conferences
held by Dr. Eduardo Daniel Jiménez González, Abogado Ambassador,
International Lawyer, affiliations Harvard, UNAM, Georgetown, Johns Hopkins.
1. Due to the transmission technology of cellphone systems, like the that
of the Internet, there is not likely to be a means to prevent geolocation
and user data from being accessed by unauthorized parties.
2. At best there will be legal protections which cannot be technologically
3. It has become common to enact legal programs with promises of digital
data protection and privacy which mislead about technological capabilities.
4. Operators of communication systems are aware of the impossibility of
technological protection to fulfill legal requirements but join in the deception
in order to falsely assure customers, officials and watchdogs that protection
5. Operators of communication systems work in concert with governments to
allow access beyond what is legislated, in accord with long-standing practices
6. Operators of communication systems also permit access to the systems by
third parties under contract provisions which are customarily revealed only
in part to users, and in somes cases only in part to officials.
7. Most communications sytems are privately owned and operated for profit,
even those ostensibly owned by governments. Information about these systems
is closely guarded against outside parties learning about the systems'
capabilities, including governments, and in many cases, third parties who
may not know in full how their participation is used by the system operators.
8. Deception about communication systems is fundamental to guarding information
about the systems from competitors, governments, third parties, rogue employeess,
spies and criminals, many of who work in concert, competition and deception.
9. Every communication system is a spying system. Digital systems are far
easier to penetrate than analogue systems and thus much easier to use for
10. Deception about digital systems is fundamental to their carefully guarded
operation, marketing and minimization of liability.
11. Every manufacturer of communication systems equipment is capable of being
penetrated, corrupted and bribed. Undiscovered covert attacks are most lethal
to the manufacturer's survival; discovered attacks are most often concealed,
denies, lied about, used against competitors, secretly sold as products by
the manufacturer, by their rogue employees, by inside spies of competitors.
Deception about successful attacks is fundamental to the systems' operation.
12. The only protection against communication systems is to avoid their use.
Protections of promises of encryption, proxy use, Tor-like anonymity and
"military-grade" comsec technology are magic acts -- ELINT, SIGINT and COMINT
always prevail over comsec. The most widely trusted and promoted systems
are the most likely to be penetrated, exploited, spied upon, successfully
attacked, covertly compromised with faults hidden by promoters, operators,
competitors, compromisers and attackers all of whom warn against the others
while mutually benefiting from continuous alarms about security and privacy.
13. Avoidance of communication systems does not eliminate the exploitation
of data already collected, manufacture of false data, targeting of those
who avoid the systems, planting concealed tracking devices on a person, using
others to track a person.
This is the short version of why there can be no solution to preventing
communication systems abuse.